
I Built a CIS Benchmark Compliance Checker That Works on Both macOS and Linux
Security hardening is one of those things everyone talks about but few actually implement consistently. The CIS Benchmarks exist for a reason: they're the gold standard for OS-level security configuration. So I built a tool that actually checks your system against them, automatically, on both macOS and Linux.

What it does

The CIS Benchmark Compliance Checker audits your system configuration against CIS Level 1 controls, the baseline hardening standards used by enterprises, government agencies, and security teams worldwide. It runs locally, requires no agent, and outputs a clean compliance report.

It checks for:

- Password policy enforcement (minimum length, complexity, expiry)
- SSH hardening (root login disabled, protocol version, idle timeout)
- Firewall status (pf on macOS, ufw/iptables on Linux)
- Audit logging (auditd on Linux, audit framework on macOS)
- World-writable file detection
- Core dump restrictions
- Unnecessary service enumeration

Why cross-platform matters

Most compliance scripts are
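As an added illustration of the SSH hardening item in the list of checks (root login, protocol version, idle timeout), here is one way such a check could read sshd_config. It is not the author's tool; the function names, the 900-second limit and the sample config are assumptions made for this sketch.

```python
import re

MAX_IDLE_SECONDS = 900  # assumed limit for this sketch, not quoted from the article
# OpenSSH built-in defaults, used when a keyword is absent from the file.
DEFAULTS = {"permitrootlogin": "prohibit-password", "clientaliveinterval": "0"}

# Constructed sample config, not taken from a real host.
SAMPLE = """\
Protocol 2
PermitRootLogin no
ClientAliveInterval=300
PermitRootLogin yes
Match User deploy
    ClientAliveInterval 0
"""


def global_settings(config_text):
    """Global sshd settings; sshd keeps the first value it sees for a keyword."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and value are separated by whitespace or a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":
            break  # later lines are conditional overrides, not global policy
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        settings.setdefault(keyword, value)
    return settings


def audit_sshd(config_text):
    """Return {check: (passed, observed)}. Include files are not followed."""
    s = {**DEFAULTS, **global_settings(config_text)}
    root = s["permitrootlogin"].lower()
    idle = s["clientaliveinterval"]
    idle_ok = idle.isdigit() and 0 < int(idle) <= MAX_IDLE_SECONDS
    proto = s.get("protocol", "")
    return {
        "root_login_disabled": (root == "no", root),
        "idle_timeout_set": (idle_ok, idle),
        "ssh_protocol_1_off": ("1" not in proto.split(","), proto or "unset"),
    }


if __name__ == "__main__":
    for check, (passed, seen) in audit_sshd(SAMPLE).items():
        print(f"{'PASS' if passed else 'FAIL'}  {check}: {seen}")
```

On a live host, the output of `sshd -T` is a more complete input than the file itself, since it already reflects Include files and compiled-in defaults.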




